[openssl-users] How to select supported signature algorithms

Jacques FLORENCE jacques.p.florence at gmail.com
Mon Mar 16 21:10:26 UTC 2015

I am developing a simple client/server application with openSSL.

Using wireshark, I can see in the Client Hello message that there is an
extension signature_algorithms, in which are fields Signature Hash
I can see a lot of supported algorithms, such as RSA, DSA, ECDSA in the
fields *Signature Hash Algorithm Signature* ,and SHA1, SHA256, MD5,
... for *Signature
Hash Algorithm Hash*.

The same behavior happens in the Server Key Exchange message.
My question is: how can I restrict this list of algorithms to use only one?
Note that I am already using the function set_cipher_list(), and as a
consequence, the field *Cipher Suites* in those messages only contains the
suite I want to use. So I don't know what is the API function to use
instead of ssl_ctx_set_cipher_list().

I didn't find anything in the documentation.

Thank you for your help,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150316/4aa34b76/attachment.html>

More information about the openssl-users mailing list